Security Control Block
Document security controls with implementation status, evidence, and ownership. Track security measures across access control, encryption, audit logging, and more.
The Security Control block documents security measures and their implementation status. It captures the control ID, name, category, status, implementation details, evidence, ownership, and review schedule.
When to Use
Block Properties
| Property | Required | Description |
|---|---|---|
| Control ID | No | Unique identifier for the control (e.g., SC-001) |
| Control Name | Yes | Name of the security control |
| Category | No | Type of control: Authentication, Encryption, Audit & Logging, etc. |
| Status | No | Implementation state: implemented, partial, planned, or not-implemented |
| Description | No | What the control does |
| Implementation Details | No | How the control is enforced |
| Evidence | No | Documentation or proof of implementation |
| Owner | No | Responsible person or team |
| Review Date | No | Next scheduled review date |
Status Values
Control Categories
Example: Implemented Control
A fully implemented multi-factor authentication control.
Example: Partial Implementation
A control that is partially implemented.
Example: Planned Control
A control scheduled for future implementation.
Example: Not Implemented
A control identified but not yet started.